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1.0 INTRODUCTION 

This paper discusses the selection of components for constructing kiosk systems. After outlining the 
design steps necessary before creating a kiosk system, we will present each of the typical kiosk 
components and describe in detail both its function and what parameters can be used to evaluate that 
component. Discussion of the human factors considerations of each component is included where 
appropriate. 

1.1 What is a Kiosk 

Until recently, a kiosk was a small, rugged standalone structure often used as a newsstand, 
bandstand, or other commercial enterprise. The definition is evolving to include computer systems 
found in public places. These public computer systems are designed to provide an alternative avenue 
to reach information and services. The user is presented with an attractive structure which has been 
designed to provide a simple, friendly interface to novice computer users. A kiosk performs a task 
which is easily automated, freeing personnel from boring tedious labor. 

1.2 Types of Kiosks 

Kiosks are being used as a primary tool in efforts to improve the effectiveness of limited personnel 
and provide easy and convenient access to a wide range of services. Most of these kiosks are built to 
perform one of the following functions: 

* To advertise a commercial product. 

* To collect or dispense specific information. 

* To exchange information, funds, and/or services. 
1.2.1 Advertisement 

Kiosks used to advertise products are the least complex type of kiosk. The advertisement kiosk 
promotes products by providing information about it in a pleasing, interactive environment. This 
family of kiosks is often used at trade conferences and showroom floors. Advertisement kiosks most 
commonly take input from a touch screen monitor and use video, animation, and sound to convey 
information. Proximity detectors may be used to start an advertisement sequence on the kiosk when a 


EXHIBIT 


M 


http://www.kiosks.org/kiosk_paper.html 


3/2/99 


kiosk_paper.html at www.kiosks.org 


Page 2 of 39 


potential customer is near, typically using sound and video. Ordinarily located indoors, these kiosks 
rely on humans for security and maintenance. Limited access to the kiosk makes both physical and 
system security a low risk. 

1.2.2 Information 

Information kiosks are used to automate information access or to collect information. These kiosks 
are found in high pedestrian traffic areas like airports, stores, malls, and convention centers. User 
input is normally through a touch screen or, less frequently, with a keyboard. Hard copy output - for 
maps, coupons, or other desired information — is normally available through a printer. Although the 
amount of information is very limited, ticket dispensers at parking lots fit into this category because 
the information flow is one way: the user requests and receives a time-stamped ticket. Proximity 
detectors are rarely used with these systems, because noisy or flashing displays prompted by 
proximity detectors can become a distraction for business concerns or staff members in the same 
area. Informational kiosks are designed to be visually conspicuous to attract the attention of anyone 
looking for it without being confrontational to the senses of others. The physical security for these 
systems is at risk because they have no local owner. The system may be in full view of the public, 
but none of the people responsible for it are nearby. 

1.23 Transactional 

Transactional kiosks, used to sell goods and services or to exchange information, are the most 
complex type of kiosk. This family of kiosks is found in stores, malls, public transit terminals, and 
other high pedestrian traffic areas. Touch screens, simple buttons or keyboards are all used to get 
instructions and information, along with some method of fund collection, and possibly identity 
verification. Proximity detectors used to trigger kiosk activities designed to attract customers may be 
used. The physical security of these kiosks are at risk since money and goods are involved. A kiosk 
that accepts cash must be designed differently from a kiosk that takes only credit cards or debit 
cards. The extra room needed to store the cash, the room needed to store change, and the physical 
security measures needed to protect both adds to the kiosk cost. Most cash processing kiosks deal 
with small amounts of money only, for public transit fares, parking tickets and the like. Kiosks 
which sell airplane tickets or allow the transfer funds at a bank require a card of some kind, both to 
eliminate the difficulty of handling cash and to identify the user. 

2.0 DESIGNING A KIOSK 

The design of a kiosk is dependent on what services the kiosk will provide, who will use the 
services, and the location of the kiosk. 

2.1 User Profiles 

As the kiosk developer, the service provider is the immediate customer. The customer sees the kiosk 
as a solution for a specific problem. A developer's first responsibility is to make sure that you and the 
customer have a common definition of the problem to be solved. If you cannot agree on what the 
problem is, it is difficult to agree on its solution. 

The kiosk designers and service provider need to define the target population for the services that 
will be provided. The target population is used to define needed functionality and constraints to the 
design of the kiosk. Will the users be familiar with keyboards? What ages will your users be? Can 
they all speak one language, or must you provide several? Would you like to include wheelchair 
users among your clients? The physical, educational, social and national characteristics of your user 
population will be used to determine and constrain your hardware and interface choices. 

The client using a kiosk is not necessarily concerned with how it functions internally; it can also be 
risky to advertise the physical structure of your system. The user should be able to view the kiosk 
simply as a cabinet housing electronic equipment which performs a useful function, without having 


http://www.kiosks.org/kiosk_paper.html 


3/2/99 


kiosk_paper.html at www.kiosks.org 


Page 3 of 39 


to comprehend the exact wiring and hardware components. The enclosure is very important to how 
the client views the kiosk. It must be regarded as providing a service without offending the user, and 
it must be pleasant to look at and use. It must be designed to be accessible to handicapped users and 
meet any necessary certification requirements. 

2.2 Location Factors 

As described in the first section, the location of the kiosk delimits what features are most desirable. 
In an environment where many people must work next to the kiosk all day, repeated music selections 
can be very annoying. Kiosks should be placed where they can both attract users and not obstruct 
traffic flow. In addition to the obvious environmental factors of temperature, humidity, and 
precipitation, the amount of light and noise around a proposed kiosk location will also affect the 
basic design. If the kiosk will be located in a business setting where many people have to work near 
it all day, loud and repetitive audio output is a poor choice. Alternatively, if the kiosk will be placed 
in a stadium, an arcade, or an auction center, use of voice recognition, spoken passwords, or 
informational audio output will be impractical. 

23 Example 

As an example we will use the kiosk which was designed at Los Alamos National Laboratory for the 
LIST project. This kiosk was designed as a prototype, using the technologies and software available 
in mid to late 1994. 

23.1 Problem Definition 

The Los Alamos Information Systems Technologies (LIST) system is designed to facilitate the 
creation of telecommunities in the National Information Infrastructure (Nil). These telecommunities 
will initially be geographically-centered, based on existing communities or towns. Telecommunities 
can also be based on common interests such as research, business, education, etc. Telecommunity 
software will provide a common user interface to all users, a set of base services (such as email, 
WWW access, teleconferencing, bulletin boards, etc.), and a set of telecommunity-controlled 
applications. In a telecommunity based on a town these applications can include county services, 
government services, banks, local businesses, and select remote businesses. Users and applications 
will register with the telecommunity for control and information reasons. The information collected 
through registration will allow users to initially access general applications as well as applications 
requiring access to sensitive information or commerce transactions. Application information will be 
used by the searching services. 

The LIST telecommunity will be available from a user's workstation at work, at home, or from a 
kiosk within the townsite. Similar functionality will be available from a workstation or kiosk. Users 
should easily be able to conduct business transactions, collaborate with remote partners, and mine for 
information using LIST. Not only will our lives be made easier through electronic banking (pay your 
bills and balance your checkbook automatically) and government services (renew that drivers license 
without standing in line), but also we will be more connected with our neighbors. People looking for 
bridge partners can post a message to their neighborhood bulletin board, archaeology buffs can 
organize expeditions, and students can collaborate both with their classmates and their peers around 
the world. 

Similar to the free televisions stations, there will be a free level in the telecommunity that anyone can 
access, whether they are a member or not. This will typically be information-only applications, such 
as information on the county, government, tourism, etc. Access to the non-free level will require user 
authentication in the form of a password, smartcard, biometric, or some combination. 

Personal interaction facilities will be available through the telecommunity, allowing users to chat 
when accessing the same application, facilitating teleconferencing and collaboration, or to provide 
on-line help within an application. 
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The LIST kiosks will provide an array of different applications, not just a single type of application 
such as Department of Motor Vehicle services or probation services as is currently seen today. The 
LIST kiosk must be general purpose and serve as a user interface for various multimedia 
telecommunity applications. 

23.2 Kiosk Goals 

Goals are the long term objective being addressed by the kiosk and are helpful when making design 
decisions. This kiosk will supply community based services at public locations. The kiosk will 
provide value to the community as an electronic tool for every day use. Several goals of the kiosk are 
expressed below: 

* The kiosk will serve all Americans. The kiosk will have an easy to use, intuitive and consistent 
interface. The kiosk will provide a variety of capabilities which will support diverse users and 
communities. 

* The kiosk will promote free enterprise. The kiosk should support competition in an open 
marketplace. Users will be afforded the maximum choice based on value and price. 

* The kiosk will protect the rights of users. The intellectual property rights of owners of 
information must be protected. The kiosk must support means for supporting verification of identity 
of users, service providers, and information. Anonymous access will also be supported for some 
services. Users must be assured that transactions on the kiosk will be free from interception, 
alterations, and use. 

* The kiosk will promote open standards* The kiosk must support national and international 
standards to promote interoperability when possible. 

* The kiosk will provide high-quality services. Services accessed at the kiosk must be dependable 
and the integrity of the service guaranteed. The kiosk must be flexible in capacity and performance, 
with the ability to evolve to meet future applications. 

* The kiosk will provide an information marketplace. The kiosk will be able to let users know 
what services, information, and capabilities are available at any time. The kiosk will provide easy 
entry to new service providers and users. The kiosk will support the ability to use existing 
applications to create new products and services. The kiosk will provide access to internet services. 

2.33 Kiosk Requirements and Functionality 

Once the problem is defined, the solution can be worked on. First, determine the kiosk's 
requirements needed to solve the problem. The functional requirements of the kiosk must be precise. 
The requirements must specify what the kiosk system must do, not how to do it. The requirements 
must also show a design which is simple and well-integrated. The functional requirements should 
help define the intended kiosk user, along with any special needs and requirement the kiosk must 
address. 

233.1 Security and Authentication 

Security and authentication need to be intimately tied together in this system. Users must be assured 
that their information and transactions are not forgeable and there is no way to cheat the system. The 
kiosk must support LIST security and authentication enhancements. 

233.2 Information Mining 

Currently there are limited tools available on the Internet to facilitate information mining. By this we 
mean that people cannot easily search for information across the various tools. Some of the tools 


http://www.kiosks.org/kiosk_paper.html 


3/2/99 


kiosk_paper.html at www.kiosks.org 


Page 5 of 39 


have rudimentary directory services or rudimentary search capabilities, but none provide the 
extensive capabilities necessary to access the wealth of on-line data. The kiosk must support 
information search and mining using LIST. 

2333 Controlled Information Distribution 

The kiosk must support LIST enhancements for limiting distribution/copying of controlled 
information (software, electronic magazine, copyrighted material) — e.g., controlled cut-and-paste. 

233.4 Interactive Communication 

Communications may be possible using available or to-be-developed applications, rather than 
providing a communications service upon which other applications are built. In any case, the kiosk 
should directly or indirectly support real-time communications over the internet. Communications 
may be used for personal conversations, collaboration, or on-line help from service providers, for 
example. 

233.5 Searching 

Search is a facility allowing the user to easily access a service by supplying information about it. 
What information a user decides to provide in order to describe the service should be left unspecified 
in order to allow the user maximum flexibility. On the other hand, search and filter facilities should 
provide as many of the keywords which a user can provide information on without relying on 
knowledge that the user may not be able to provide. Thus, the solution is to have an interface that is a 
compromise of these two approaches. The main issue to be addressed is that of minimizing queries 
which result in either too much or too little information and becomes a waste of time for the user. 

233.6 Filter 

We need a filtering system so that people can filter out unwanted information and not be bothered by 
advertisements and the like. This can also be used to lock out adult material from access by minors. 
This is a very useful facility that will reduce the number of servers which need to be accessed, as 
well as reduce the amount of information which is returned by a server. This facility is similar in 
functionality to the example in telemedicine: the search condition is to look for cases having similar 
symptoms and an X-ray image provides the filtering condition. 

233.7 Electronic Mail 

Electronic mail is a well-established service which should be provided on the kiosk. An encryption 
facility will be added to allow secure exchange of information. A digital signature capability will be 
added to verify message contents and author. 

233.8 Transaction Recording 

Ideally, if we implemented everything correctly, people would not need to have a record of their 
transactions, but many people want a receipt of some kind, so we should give it to them. This means 
that we need to implement a file system which allows people to access their records from anywhere 
in the world via a designated kiosk. Since a common use of the kiosks will be to conduct 
transactions, we need a flexible interface that can be used by most companies, government agencies, 
and people. If a store wants to use the system, the interface should be very similar between stores so 
that users are not confused by different ordering systems. 

233.9 Color Graphics 

Much of the information accessed at the kiosk will be color graphics. The kiosk must designed to 
support color graphics. 
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233.10 Video 

Much of the information accessed at the kiosk will be in a video format. The kiosk must support full 
motion video to slow scan through high definition and beyond. Still images from low to high 
resolution must also be available. 

233.11 Audio 

Much of the information in the world is in audio format. The kiosk must support audio output of 
information from telephone-quality voice to compact disc quality. 

23.4 Kiosk Attributes 

Attributes are helpful as a method of testing the acceptability of the finished kiosk since they can be 
measured. 

* The kiosk needs to be versatile to allow uses other than LIST access. 

* The kiosk must be simple to use with an "Easy to use interface ". 

* The kiosk will not be an eye sore, it will be unobtrusive to its environment. 

* The kiosk interface should be consistent. 

* The kiosk will have a fast response. 

23.5 Kiosk Constraints 

Constraints are limitations on possible kiosk implementations and are best negotiated away. Some 
constraints are necessary and can help by limiting the possible solutions. Some constraints you will 
almost always see are cost, and time to delivery. 

* Easy To Use - Controls for the kiosk should be easy to understand and use. The information 
displayed should be easy to understand. 

* ADA Compliant - One of the primary objectives is to provide individuals with physical 
limitations or disabilities the fullest possible access to the systems information services. 

* Multi-Lingual - The kiosk must support both English and Spanish. 

* Cost - We are seeking a cost effective kiosk solution. 

* Secure - The kiosk should be secure to tampering and vandalism. The information received and 
sent should be correct. 

3.0 BUILDING A KIOSK 

To build the kiosk we purchased much of the hardware and software bundled together which helped 
to keep the kiosk cost low. We then purchased any software and hardware which was still needed. 
The hardware and software selection is based upon what was available in mid to late 1994, and 
should not be taken as a particular endorsement of any of these products. 

3*1 Base Platform purchased from Dell Computer Corporation 

For our initial kiosk an Intel Pentium computer running Windows was selected.JT} This platform was 
selected due to its low cost and the availability of specialized peripherals. This platform is one the 
platforms the LIST software will run on. This platform will handle color graphics, video, and audio 
with the proper peripherals installed. 
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3.1.1 Hardware 

* Dimension Pentium 90/XPS Medium Desktop Base.J21 

* Spacesaver, Quiet Key Keyboard 

* 32MB RAM, 2 SIMMS[3] 

* NEC CDR-510, Triple Speed, 200ms, Multisession Photo CD compatible, SCSI CD-ROM Drive. 

* VS 15 Color MonitorBl 

* Number Nine GXE Video Board with 2MB Memory 

* 1GM IDE Hard Drive 

* SCSI PIO Controller]^ 
*3.5" 1.44MB Floppy drive. 

* Microsoft System Mouse 

3.1.2 Software 
*DOS 6.21 

* Windows 3.1 

* Microsoft Works 

3.2 Final System Specifications/Hardware 

We used the Pentium 90/XPS desktop computer base system with the following modifications. 

3.2.1 Color Touch Screen Monitor 

We selected a 17" Color monitor using a capacitive touch screen. The 17" monitor was selected 
because it offered a large area of which could be used as an interface for the kiosk. A larger monitor 
would have presented problems to some users who would have had problems touching the entire 
screen. [6] 

We purchased the touch screen pre-installed on the face of the color monitor. J7] We selected the 
capacitive touch screen because of its cost and the large number of operating systems which it 
supports. The capacitive touch screen can be damaged since it is deposited on the screen of the CRT 
but it also protects the CRT from some damage. 

3.2.2 Video Card 

We used the number Nine GXE Video Board which came with the computer system. The 
9GXE64Pro is a 64-bit BGA display adapter. It has high speed VRAM, an S3 Vision964 processor 
an a Texas Instruments true-color palette DAC (Digital to Analog Converter). This board came with 
2MB or memory and is upgradeable to 4MB. Resolutions are available from 640 x 480 to 1600 x 
1200 (non interlaced). The DAC supports 16.8 million colors. 

3.23 Audio Card 

We selected a Sound Blaster 16 SCSI-2 board for the kiosk. Sound Blaster cards have become the 
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industry standard for digitized sound on the PC platform. Almost any game or other DOS program 
which supports digitized sound supports the Sound Blaster. 

The Sound Blaster board is a 16 bit board which handles 20 voices. Its sound quality can easily be 
improved by adding an optional Wave Blaster daughterboard with a 32 voice EMU chip. With the 
Wave Blaster you can deliver 16 bit high fidelity sound and music. Another feature of this board is 
that it supports SCSI-2 interface for a CD-ROMs. 

32.4 Modem 

A modem card was purchased for the kiosk to allow modem connectivity. The ProModem 144e 
manufactured by Prometheous was selected. This is a 14,400 bps data or send/receive fax modem 
with error correction and (V.42/V.42bis/MNP-5) data compression. 

3.2.5 Network Card 

A network card was purchased for the kiosk to allow network connectivity. The 3Com EtherLink III 
network card was selected. This card allowed the kiosk to be connected to any Ethernet network 
wired with IEEE 802 standard 10BASE-2, 10BASE-5, or 10BASE-T cable. 

3.2.6 Speakers 

We purchased external Labtec CS-700 speakers for the kiosk. These speakers have a built in 3 band 
equalizer and Bass Boost- DXBB circuit. Each speaker has Individual volume controls and self 
activated on/off switch. The shielded magnets to prevent interference with computer and television 
screens. Each speaker uses 4 "C" cell batteries or built in DC 6 volt input jack for power. A 3.5mm 
stereo plug fits personal stereos and computer sound boards. 

3.2.7 CD ROM 

We used the NEC CDR-510 triple speed that came with the base system. Instead of using the SCSI 
board supplied with the computer we are using the SCSI-2 which came with the Audio Board. [8] 
This CD-ROM is theoretically about 50 percent faster than a double speed drive. This will provide 
smoother animation when the program uses very large files. This CD-ROM uses a CD caddy which 
holds the disc when you insert it into the drive. 

3.2.8 Enclosure 

Currently not purchased 
3.3 Software 

Much of the software being used is dependent on the hardware purchased. 
3.3.1 The LIST GUI interface . 

The LIST GUI interface is currently being constructed. This interface will run on windows and on 
UNIX workstations. Unlike most authoring software LIST is a multi-platform authoring tool 
designed for network communications. 

33.2 Windows 

The windows supplied with the computer is being used. Windows is the most common graphical 
user interfaces used on the PC platform. 

3.3.3 DOS 
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The DOS supplied with the computer is being used. DOS is the most common operating system used 
on the PC. 

4.0 PLATFORMS/OPERATING SYSTEMS 

In addition to the choice of external structure, selecting the operating system, which determines the 
structure of information and applications in the kiosk, is a primary decision. The kiosk controller is 
the computer selected to run the kiosk. The computer platform should be selected depending on cost, 
hardware used, and the functions the kiosk will be selected to perform. 

Table 1: Comparison of Computer Platforms 


Operating System 
Internal Audio 
Internal Video 
Peripherals 
Selection 
Cost 


DOS /Windows 
Easy To Use 
NO 
NO 

Large 
Low 


Macintosh 
Easy To Use 
Normally Yes 
Normally Yes 
Medium 

Medium 


Workstation 
Difficult to Use 
Normally Yes 
Normally Yes 
Small 

High 


4.1 DOS/Windows 

The most prevalent platform used is an Intel based computer running DOS and Windows. This 
platform is low cost and has the more peripheral options than the other platforms. This platform 
requires that the system designer be very knowledgeable about system interrupts, addresses, and 
communications ports. Many of the performance characteristics can be modified on the Intel 
platform which allows the designer to tweak the kiosk for peak performance. Future operating 
systems are expected to have plug-and-play (see next section) which will simplify working with this 
platform. 

4.2 Macintosh 

This platform is easy to use because sound and video capabilities are built in. This platform currently 
has plug and play capabilities: when a board is added to the system, it tells the computer what it is 
and what it can do. It is difficult to modify system performance on this platform since it is handled 
by the operating system. 

4.3 UNIX 

These controllers are the most expensive. UNIX workstations have video and audio capabilities. 
These systems are easily connected to networks but have a limited number of serial ports for 
peripherals. These systems are easy to develop applications on. These systems need a system 
administrator to function properly. 

4.4 Other 

There are other computer platforms and operating systems which could be used (Amiga). Due to the 
availability of the platforms or their cost they are not viable candidates for kiosk use. 

5.0 COMPONENTS 

The standard components found in most kiosk housings include the one or more input interfaces, a 
computer, and output devices. The input interface is typically a touch screen monitor, a keypad, or a 
keyboard, but hand or fingerprint readers and video and sound recorders could also be used. For 
many applications a keypad is used, consisting of only a few buttons for selection of services. The 
choice of computer will already be determined in large part by the choice of operating system 


http://www.kiosks.org/kiosk_paper.html 


3/2/99 


kiosk_paper.html at www.kiosks.org 


Page 10 of 39 


platform. The monitor, which can be the primary input interface, is also the chief output device as it 
displays information on the screen. Many kiosks have sound capability, but in most cases sound is 
found to be an annoyance to others nearby who are not using the kiosk. Most kiosks have some 
ability to give out hard copies of any transactions, normally with a thermal or laser printer. 

5.1 Input Devices 

The kiosk user interacts with the kiosk through some sort of input devices. The input device converts 
the users response to the kiosk (mouse movement, touch, keystrokes, sound, etc.) into an event that 
the kiosk can respond to. The kiosk interprets the event into the proper programmed response. 

5.1.1 Touch Screens 

Many kiosks use touch screens as the primary user interface. While touch screens avoid the 
difficulties of gummed up pointers and keypads, they are not yet capable of providing Braille, 
limiting the client population. 

A touch screen is usually a clear, touch-sensitive screen placed over a monitor. The monitor uses 
pictures and text to prompt the user for the required touch input. This input normally requires the 
user to select an option by pressing a button displayed on the monitor. When the user touches the 
screen, the coordinates of the position touched are used, to determine which option the user was 
selecting. There are five basic types of touch screens used for kiosks. The first three touch screen 
types use a screen over a monitor. The fourth type uses sensors mounted in a frame around the 
monitor and the fifth type uses sensors mounted in a base upon which the monitor sits. 

5.1.1.1 Resistive 

A resistive change, in an overlay on the monitor, used to detect input is the first type of touch screen. 
The display overlay consist of a glass substrate covered by a plastic cover sheet. Conductive coatings 
are applied to both elements and non-conductive spacers are used to separate them. The inner 
surfaces are separated until touched. Finger pressure causes an internal electrical contact. This 
contact supplies the controller with vertical and horizontal analog voltages used for digitization. 

5.1.1.2 Capacitive 

The second type uses a capacitive charge to detect touch. MicroTouch Systems uses an all-glass 
touch screen with a transparent, thin-film conductive coating fused to its surface. A glass overcoat is 
applied over the conductive coating to seal the entire sensor and protect it. A narrow electrode 
pattern applied to the edges distributes a low voltage AC field over the conductive layer. When your 
finger makes contact with the screen's surface, it capacitively couples with the voltage field. A small 
amount of current is drawn to the point of contact. The ratios of the current's flow from each corner 
are used to locate the point of touch. The screen resolution is 1,024 points per axis within the 
calibrated area. The primary problem with this technology is that it will not work with gloves and 
people with long finger nails may have problems. This technology needs to be re-calibrated when 
environmental conditions change. 

5.1.1 J Surface Acoustic Wave 

The third type of touch screen uses Surface Acoustic Wave (SAW) technology. Each axis on the 
overlay has a transmitting and receiving piezoelectric transducer and a set of reflector stripes. The 
transducers produce surface waves that propagate across the glass surface. When the surface is 
touched, a portion of the wave is absorbed. The change in the received signal is analyzed and 
digitized into Z and Y coordinates. The Z-level is determined by measuring how much signal was 
absorbed. The advantage of this technology is that it can be activated with gloves, it is very stable, it 
has no front coatings to wear, and it has a very high light transmission. One disadvantage of this 
technology is that moisture on the screen can absorb the acoustic wave and make the screen less 
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sensitive. 
5.1.1.4 Infrared 

The fourth type of touch screen uses infrared emitters and detectors mounted in a frame added to the 
monitor. Inside the frame are infra-red emitters and detectors. When the user touches the screen the 
optical path between detector and emitter is broken. This information is used to determine the X-Y 
location on the screen touched. The most noticeable problem with this technology is parallax 
problems when used with a curved monitor. 

Table 2: Touch Screens 


Category 

Resistive 

Capacitive 

SAW 

IR 

Force 
Vector 

Light Transmission 

55 to 82% 

85 to 92% 

90% 

100% 

100% 

Front Coating 

YES 

YES 

NO 

NO 

NO 

which can be 






damaged 






User can wear 

YES 

NO 

YES 

YES 

YES 

gloves 






Z- response 

NO 

NO 

YES 

NO 

YES 

Parallax Problems 

NO 

NO 

NO 

YES 

NO 

Frequent 

NO 

YES 

NO 

NO 

NO 

Calibration 






Resolution per 

200 

-70 [91 

30 

8 

40 

inch 






Touch Activation 

3 to 4 

< 1 

2 to 3 

0 

3 

Force (ounces) 






Positional 

0.080" 

-o.ois" no] 

0.033" 

0.125" 

0.025" 

Accuracy (+/-) 





Operating Temp. 

0--50 

0--55 

0--50 

0--50 

0--50 

Range (C) 






Operating Systems 

DOS, 

UNIX, VMS, 

DOS, 

Amiga, DOS, 

DOS, 


Windows , 

Amiga DOS, 

Windows , 

Macintosh, 

Window 


OS/2, 

OS/2, 

Macintosh 

Windows 

UNIX, 


Macintosh 

Windows , 
Macintosh 



X-Wind 
VMS 

Touch Pressure 

2 

2 

15 

2 

256 - 

levels 






Response time 

13 -18 ms 

15 - 25 ms 

53 - 59 ms 

18 - 40 ms 

250 ms 

Vibration 

Good 

Good 

Good 

Good 

Poor 

Resistance 






Shock Resistance 

Poor 

Moderate 

Poor 

Good 

Poor 


5.1.1.5 Force Vector 

The fifth type of touch screen is manufactured by Visage. This product does not use any additional 
screens or sensors to attach to the monitor. The Visage product is a device that fits under the display 
device and plugs directly into the computers serial port. When an object setting on the Visage 
TouchMate is touched, it causes a change in the distance between its top and base. This causes 
internal sensors to reflect the change with changes in capacitance. The capacitance values are then 
used to determine the amount of force used and the position it was exerted at to cause the movement. 
The resolution is approximately 40 touch points per inch horizontally and vertically. It can detect 
touches as light as three ounces. 

5.1.1.6 Manufacturers 

* Carroll Touch, P.O. Box 1309, 811 Paloma Drive, Round Rock, TX 78680, phone 512 244-350, 
fax 512 244-7040. 
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* Elo TouchSystems Inc., Cristy St, Freemont, CA 94538, phone 510 651-2340. 

* Intecolor Corporation, 2150 Boggs Road, Duluth, Georgia, phone 404 623-9145, fax 404 623 9163. 

* MicroTouch Systems, Inc., 300 Griffin Park, Methuen, MA 01844-9867, phone 508 659-9000, fax 
508 659-9100. 

* Touch Technology, 21 13 Wells Branch Parkway, Austin, TX 78728, phone 512 990-9700. 

* Visage, 1881 Worcester Road, Framingham, MA 01701, phone 508 620-7100, fax 508 620-0273. 

5.1.2 Magnetic Card Reader Systems 

Magnetic card reading systems consist of two basic parts. The first part is the magnetic card reader 
which reads the magnetic card. The second part is the software which verifies the magnetic card after 
it is read. 

There are two types of magnetic card readers manual and motorized. Both type of readers 
communicate with the controlling system using the serial interface. The manual magnetic card reader 
requires the user to insert and remove the magnetic card or pass it through a slot which reads the 
magnetic stripe on the card. The motorized card reader accepts the card, reads it, and then returns it. 
Both reader types have different capabilities and liabilities. If power goes out while the motorized 
magnetic card reader is reading your card you could lose it. The motorized card reader has to ability 
to take a card which is not valid. The mechanical card reader is more likely to get contaminated with 
dirt. 

Magnetic card software is normally a terminate stay resident (TSR) program running on the 
platform. When this type of software works it works good. When it does not work you have real 
problems that are difficult to troubleshoot. 

5.1.2.1 Manufacturers 

* AccuSell, phone 800 729-3471. 

* Control Module, phone 800 722-6654, fax 203 741-6064. 

* DataCap, phone 215 699-7051. 

* International Technologies & Systems, phone 800 971-3535. 

5.1.3 Keyboards 

Keyboards are the standard input device for most computers. The sensitivity of the keys, the angle of 
orientation for the keyboard, the number of keys on the board itself and the compatibility of the 
keyboard with your computer system will be major contributors in your purchase. Most keyboards 
sold today offer a large range of keys with various functions. The capabilities you as the maker of the 
kiosk want to give to your user will determine how many keys your kiosk keyboard will have. 
Today's keyboards come with 101 to 175 key array variations. If your kiosk must handle European 
languages, the 102-key format is a necessity. Sensitivity of the keyboard is a way of looking at how 
much pressure you must use when depressing a key on the board to make the function of that key 
happen (i.e. pressing the {A} key hard enough to make "a" or "A" appear on your monitor). 

Compatibility for keyboards falls into the IBM, Mac or workstation (i.e. SUN, NeXT, etc.) family of 
computers. Keyboard ergonomic developments have modified the original typing hand position by 
adjusting the actual angle the keypad by splitting it into two or more parts that are slightly obtuse in 
relation to the normal keyboard orientation allowing your hands to type with same speed and 
accuracy at a more comfortable, natural typing angle. 
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The keyboards may also come with or without mouse ports. Again, your kiosk application and how 
you want the user to interact with the application will effect your decision to purchase additional 
input devices (i.e. mice). 

5.1.4 Pointing Devices 

Pointing devices are used to move the cursor across the monitor. The most common types of 
pointing devices are mice and trackballs. 

5.1.4.1 Mice 

Computer mice are used as input devices for computer systems. Like the keyboard, mice come in 
various configurations: 2-, and 3-buttons with left or right hand orientation compatible with the 
same family of machines as keyboards. Some options that will weigh heavily in your mouse decision 
include engine life, switch life, travel, resolution and type of mouse technology. In an interview with 
the technical staff at Key Tronic Corporation, several of the specifications listed above were clarified. 

Engine life and switch life give minimum ratings for the durability of any mouse by testing the 
mouse over a certain mileage in different office environments. Travel is another way of measuring 
the durability of a mouse and giving a minimum (usually in miles or km). Resolution refers to how 
closely the mouse movements control cursor movement. Higher resolution means a more accurate 
cursor/mouse movement relationship. The mouse technology can either be in the form of a ball 
inside the mouse rolling along a surface (mechanical technology) or an infrared light 
(opto-mechanical technology) which translates the light into movements used by a spinning device 
to move the cursor across the screen. Tactile switches allow more accurate movements and the kiosk 
application will serve to guide you to the proper configuration. 

It is worthy to note that as long as the mouse is moving on a flat surface (i.e. mouse pad, desktop), 
some mice can move regardless of the orientation of the mouse itself (a flat surface horizontal to the 
ground is not necessary for some mice to operate). 

5.1.4.2 Trackballs 

A stationary ball, called a "trackball" or a "turbo ball", provide similar pointing capabilities to mice 
with less threat of the component being torn off. Unfortunately, both types of pointing device can get 
dirty or broken with heavy use, and older users are less familiar with the movements required to 
select different parts of the screen, so many current kiosks rely on touch screens (as described above) 
or small keypads (on older ATM's) for user input. 

5.1.4.3 Other Pointing Devices 

Both mice and trackball use a ball to track position. There are many other types of pointing devices 
which use sensors to determine which direction you want to go. Many of these device are joy sticks 
or developed from joy stick technology. 

The traditional joy stick was a control device which simulated a pilots control stick. These joy sticks 
were used with many popular games to control the current cursor position or to move in an 
environment. Miniaturization makes it possible to build joystick which are small enough to fit on a 
keyboard 

5.1.5 Microphones 

Microphones convert the naturally occurring sounds (rapid fluctuations in air pressure) around us 
into variations in electrical voltage levels which are then digitized using an analog-to-digital 
converter. [1 1] This conversion process is what creates a sample. These sample rates are then 
combined to determine a waveform (after a rate range of 1 1 ,000 to 48,000 measurements per second) 
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which is then reproduced using a digital to-analog converter when the original sounds recorded are 
desired. If your kiosk application utilizes more than one audio source (CD-ROM, microphone and 
additional external stereo sources for example), it is also important for the sound card to have a 
mixer with a sufficient number of channels. The speed of the computer's processor or hard disk or 
the size of the computer's memory may have adverse effects on achieving a digitized recording. As 
an example an uncompressed, CD quality, three minute stereo recording can occupy 30 MB of disk 
space using a sampling speed of 20 kHz whereas a 10 minute monotone recording using a sampling 
speed of 1 1 kHz can take up only 7 MB of disk space. The input and output jacks on these cards are 
a common source of unwanted noise for mini-jack standards but the line-level jacks provide lower 
noise levels. 

Microphones can be used at kiosks for several purposes. [12] A microphone can be used to simply 
record audible data that may be used as input for a particular application such as two-way audio 
communication, or voice recognition. In general, the microphone chosen for a kiosk should have 
several quantities. A high input impedance with a low voltage level will prevent distortion due to 
background by noise. The appropriate diaphragm size can also have big effect on sound 
reproduction. The smaller diaphragm sizes, less than 3/4" in diameter, offer a flatter frequency 
response and a faster transient response for lower audio output. Larger diaphragms give the same 
sound quality at higher sound pressure levels and are more sensitive. Microphone sensitivity falls 
into one of the following patterns: 

* Omnidirectional - provides equal pickup in all directions. 

* Cardioid - most sensitive to sounds directed to the front of the mic. 

* Supercardioid - narrower side pickup than the cardioid pattern with a small amount of rear pickup. 

* Bidirectional - have equal pickup sensitivity in the front and rear of the mic. 

Because most of the microphones used for the kiosk will be exposed to a certain degree of rough 
wear, the choices from which to choose drop dramatically. For durability, the clear choice would be 
dynamic or electret microphones. Dynamic microphones are the simplest type of pressure 
microphone and require no batteries or special power supplies. Sound pressure levels can be 
extremely high before distortion occurs. These microphones lack the sensitivity of more expensive 
mics but are the most rugged, affordable type of mic on the market. Electret condenser mics are also 
fairly affordable, using a permanent fixed charge to power itself. Electrets are widely used for 
on-the-spot news crews and low budget film recordings. 

5.1.6 Cameras 

Cameras for kiosks are used for security, communication, or both.£13] Security oriented cameras are 
used to survey the kiosk environment for the purpose of protection of the kiosk, its internal 
components, and the user. Communication oriented cameras can be used to perform two-way 
communication between kiosks or other computers. The same camera can be used for either. 

To use video you must first decide between sending live or still video. Still video consists of single 
pictures versus full animated movement with live video. Live video with current phone lines has 
been attempted in two way communication but generally has poor resolution and jerky pictures. New 
technology allows still video reproduction on the same lines with great resolution and detail. 

Lighting is important when using a camera. The best camera in the world could not produce a quality 
video without proper lighting. Spot lights in the given area provide the light necessary to see kiosk 
users. 

5.2 Output Devices 
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Kiosk output devices are used to output information in a number of different formats. The 
information is often written to a monitor or a piece of paper. Audio information can also be output 
through speakers. 

5.2.1 Printers 

Printers for kiosk use must be small and easy to operate. [14] There are three types: laser, thermal or 
dot-matrix form. The fastest and most expensive printers at this time are the laser printers which 
produce crisp, letter-quality documents. Postscript laser printers are best for colorful, complex 
illustrations and software that support postscript can render an exact replica of any document before 
it gets sent to the printer. Thermal printers use thin sheets of wax-based ink that melt onto the page 
for a sharp image rivaling some laser printer reproductions. The latest dot-matrix printers have 
become more competitive allowing close-to-laser-quality print jobs (24-pin printer) while remaining 
more affordable. Dot-matrix printers require less maintenance than lasers and cost less initially. If 
your application requires multi-part carbon copy forms, continuous form or ledger (11x17) size 
paper, the dot matrix is your best bet since most laser printers are still not able to develop print jobs 
with these kinds of paper. Note that all printers may not work properly if they are not configured (or 
able to be configured) to communicate with the computer they are hooked up to. 

In selecting a printer, three major areas should be considered: print quality, printer performance, 
ease-of-use features, and how it will mount in the kiosk. When studying print quality, it is necessary 
to know whether the printer renders its copies in multiple colors or black and white, if the printer has 
graphics capabilities whether the copies are produced by one of the three types listed above, how the 
printer renders/blends hues if color is available, if legible text can be reproduced in a variety of letter 
sizes and a font styles, when the ink placement is off thereby causing smearing and misregistration 
(poor placement of an object, word or letter on a document). 

Analyzing printer performance presents issues dealing primarily with speed in returning print jobs. If 
the output is text (vs. text and graphics-pictures, pie charts etc.) alone, then the print out should occur 
fairly rapidly provided the document is not incredibly long or there are several print outs trying to 
occur at the same time. If the printer outputs more than one size of paper, the printer must be able to 
easily accommodate a good supply of either type of paper as well as "know" which size is needed for 
a particular application. Communication between the printer and the computer will also effect the 
performance of the computer used on a kiosk application. 

Printer ease-of-use features should include simple set-up and printer configuration, ease in 
replacement of paper and print toner as well as an easy access to the "innards" of the printer by 
qualified repair personnel for spot repairs. If the kiosk only offers front access the printer must allow 
printer supplies to restocked from the front along with paper output. 

How the printer will be mounted in the kiosk is very important. Some kiosk have been physically 
designed primarily because of the printer being used (Card kiosk). The printer needs to be mounted 
to allow easy maintenance. The printer need to be mounted to allow paper output. The kiosk designer 
needs to leave room for the large mounted paper rolls when using thermal printers. 

5.2.1.1 Manufacturers 

* Axiohm, 303 County Road, E-2 West, New Brighton, Minnesota 551 12, phone 800 732-8950, fax 
612 638-0758. 

* Cybertech Inc., 935 Horsham Road, Horsham, PA 19044, phone 800 755-9839, fax 215 674-8515. 

* International Technologies & Systems, phone 800 971-3535. 

* Omniprint, Inc., 6A Vanderbilt, Irvine, CA 92718, phone 800 510-9684, fax 714 457-9016. 
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* Syntest, 40 Locke Drive, Marlboro, MA 01752-9973 phone 508 481-7827, fax 508 481-5769. 

* Westrex International, 25 Demby Road, Boston, MA 02134-1694, phone 617 254-1200, fax 617 
254-6848. 

5.2*2 Monitors 

The monitor is selected based on several criteri&£15] First the monitor must work with the video 
card being used by the computer. For some computers the video card is built into the system, on 
others the card is purchased separately. If a touch screen is being used you must make sure that the 
touch screen's monitor will work with the selected monitor. Touch screens are normally purchased 
already installed on a monitor. 

One important point to keep in mind about monitors is that for kiosk applications, the video terminal 
needs to be able to handle multiple input and also support video for both computer (RGB) and 
regular (NTSC) inputs. The best multimedia video displays are capable of switching among different 
video sources (laserdisc, videotape player, audio soundtracks, etc.). Since most of the kiosks will 
serve one customer at a time, video screens should be no smaller than 17" for displaying 
applications. This size will allow enough pixel representation (640x480 minimum) for reasonably 
crisp text and graphics without over-crowding the screen. Color monitors preferably with remote 
control on-screen programming are best suited for kiosk applications since the need to adjust 
contrast, brightness and hue will not require actual removal of the kiosk enclosure for minor visual 
adjustments. 

5.23 Speaker Systems 

The kiosk speaker system is extremely vital where customer communication requires sound in 
addition to pictures. [16] Self-powered speakers for multimedia applications can actually aid in 
uncovering audio problems that would go unnoticed on the primitive speakers that come with a 
computer. Some speaker models come with interfaces specially designed for MIDI synthesizers or 
CD-ROM software. The size of the speakers, their particular traits and the dimensions of the kiosk 
enclosure will be major factors in making a purchase. Speaker prices per pair range between $30 and 
$550 with amplifier output (watts per channel ranging from 1 .5- to 35-watts per channel though most 
are at the lower end of this range (3—10 watts per channel). It is necessary that the speakers you 
purchase match the nominal impedance rating of the computer's audio output lest you destroy the 
sound capability on your machine. Each speaker system has its own drivers — the cones within the 
unit that actually produce the sound. All speakers come in three different types: 

* full-range - one speaker cone that can carry the entire frequency spectrum 

* two-way - contains woofers (lower frequency tones) and tweeters (high end frequencies) 

* three-way - contains woofers, tweeters and mid-range (carries mid-level frequencies). 

Although two-way systems are more favorable than one-way (full-range) systems, a three-way 
system may not necessarily give you better quality than a two-way system. Some systems also 
include sub-woofers for even greater control over the low-level frequencies. Please note that these 
speaker systems are specially designed for computer technology to provide stereo imaging or 
sound-processing circuits that can recreate stereo sound on a monotone source. The speakers can be 
optimized to work with a computer, CD-ROM drive, or sound card at an area within 20 Hz to 20 
kHz — a frequency response range ideal for average human hearing. In examining sound 
reproduction on self-amplified speakers, the wider and flatter the frequency response and the higher 
the amplifier power output the better. Speakers with more tone controls on the front panel give 
greater control over the overall sound output. Some panels simply have separate bass and treble level 
regulators, other panels also include additional bass boost buttons (for sub- woofer systems) and 
microphone trim dials (adjust microphone input to alleviate distortion). Additional supplies for 
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mounting come with some models and the dimensions and weight of each model may vary from 
5x2x3 to 6x13x16 and 1.5 lbs. to 28ibs. respectively. 

Directional speakers will eventually be available for kiosks. These speakers will allow the kiosk 
designer to direct the speaker output to a specific location. The speaker generated sound at other 
locations will be greatly attenuated. This will provide the kiosk user with greater security from eves 
dropping and help prevent sound pollution in from the kiosk. 

5.2.4 Ticket Printer/Encoders 

Ticket printers and encoders are usually small impact printers (see Printers 5.2. 1). Often the ticket is 
preprinted in color and loaded into the ticket printer. When a ticket is dispensed validating 
information is printed onto the ticket to validate it. 

53 Kiosk Enclosures 

Once the client population and desired location have been considered, the process of selecting the 
shell of the kiosk can begin. A kiosk enclosure must be designed for the access of clients and service 
personnel. Each group has different design concerns, and ignoring either group will ruin a kiosk 
design. If client use is low because of a poor enclosure design, that kiosk's services will go unused. If 
a poor design makes maintenance and servicing difficult, the cost of the kiosk becomes greater since 
these are the primary long term expenses for a kiosk. 

The kiosk enclosure should be designed to protect the computer and peripherals it contains from 
theft and physical damage and allow access for service and maintenance. Controlled access to the 
computer hardware should be designed into the kiosk from the beginning, so that updates and repair 
can be performed without too much difficulty. The base of the kiosk is often designed to be locked in 
place to prevent theft of the entire unit. Protection of the peripherals is normally accomplished by 
providing lockable access doors in the front of the kiosk. All access panels should be sturdy and 
difficult to pry open. If all service access is done from the front of the kiosk any attempts at theft or 
vandalism will be in full public view. The kiosk can be serviced when it is against a wall without 
moving it if the access doors are in the front. Since most kiosks are bolted to the floor this can be 
very important. 

Many kiosk manufacturers insist on handling the entire kiosk design project, hardware and software. 
The manufactures build a prototype system that the producer evaluates according to a predetermined 
set of criteria. The kiosk system is modified with the negotiated changes and the purchaser has a 
kiosk. 

Several other manufacturers handle only the kiosk hardware. The buyer works with the manufacturer 
to specify a kiosk systems hardware. The purchaser could be buying the kiosk shell only, or purchase 
a kiosk with the desired peripherals added. The manufacturer will normally be able to suggest a 
source for contract software support if the buyer request it. Such support is purchased separately and 
includes some consultation time for the software contractor to make sure that the hardware will 
support the software. 

Most of the kiosks manufactured today are built around a steel frame which houses the computer and 
peripherals. The frame is covered with various materials to make it attractive to the eye and to 
protect it from dirt, dust, and other associated indoor hazards. The other standard type of kiosk is 
manufactured as a steel or aluminum housing which holds the computer and peripherals. The surface 
is painted, and exterior material can be applied for decoration. 

Almost all kiosks are designed and built for use in non-hostile enclosed areas. The computer and the 
peripheral equipment used in the kiosk are sensitive to temperature, humidity, and moisture. Those 
kiosks which are exposed to the outdoors (ATM machines) are normally built into the sides of a 
building and protected from the elements. It is possible to construct a building to house the kiosk; as 
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might be expected, though, the cost build a kiosk for outdoor use in most environments is prohibitive. 
53.0.1 Manufacturers 

* ADCO, 3800 South 48th Terrace, St. Joseph, MO 64503, phone 800-821-2255. 

* Advanced Video Integration, Suite B, 2153 OToole Ave., San Jose, CA phone 408 955-0500. 

* Compass Technologies, phone 212 669-2006. 

* Diebold, Inc., 5995 Mayfair Rd., N. Canton, OH 47720, phone 216 497-5747 

* Exhibit Masters, phone 909 923-9446. 

* Factura Composites, Inc., Rochester, NY, phone 716 264-9600. 

* GrAN Design, 214 California Drive, Burlingame, CA, phone 415 347-2301. 

* Kiosk Information Systems, Inc., Unit C, 575 Burbank St., Broomfield, CO, phone 303 466-5471. 

* Lexitech, 32 Park Drive East, Branford, CT 06045, phone 203 495-6500. 

* Moss Matrix, phone 800 881-0864. 

* North Communications, Santa Monica, CA, phone 310 828-7000. 

* Parkhouse Contract Interiors, phone 512 328-9233. 

* TouchNet, 15520 College Boulevard, Lenexa, KS 66219, phone 913 599-6699 

5.4 Proximity Detectors 

A proximity detector is used to detect the presence of a possible user. Some detectors are part of a 
smart system which recognizes authorized users. Other simple systems monitor localized conditions 
to detect when a user may be near. 

The In-Charge system, by Racom Systems, consists or a radio frequency (RF) proximity reader 
which detects a credit sized transponder which utilizes an application specific integrated circuit 
(ASIC). The transponder is recognized by the kiosk and read when it comes in range. The card can 
be read to provide information about the user including biometric data to authenticate the card user 
as the card owner. Information can also be written to the card to provide an audit trail. These card 
can hold from 256 to 4,096 bits of information. These cards are currently being used for automatic 
billing of services provided to users on the move since no physical contact is made between the card 
and the scanner. 

Proximity detectors which monitor local conditions are usually based on infrared detectors, 
microwave detectors, or heat detectors. The microwave detectors register false detections along the 
fringe of the detectable area due to surface reflections from moving and stable objects. Heat detectors 
are often not responsive due to air conditioning which has changed the local temperature from when 
the detector was calibrated. The heat detector can also be fooled by clothing which insulates the 
wearer from detection or generates a false signal by detecting the heat absorbed by the clothing. 

Lawrence Livermore National Laboratory has developed an indoor radar which would work with 
kiosk systems. [17] The result is a 1.5" unit costing from $10 to $1 in quantity. The unit detects 
echoes of rapid radar pulses reflected from objects (1 million per second). The unit can be set to 
detect objects within a radius of 0 to 200 feet. 

5.5 Sound Cards 
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Most sound cards (sound boards) developed today are incorporated into IBM compatible PCs. Since 
most Macs already have built-in audio playback, additional audio applications are essentially 
unnecessary. The sound card should be purchased according to the customers ideal recording and 
playback quality preferences. Understanding certain component specifications and the primary 
subsystems of the sound card are also essential in making a smart purchase. The subsystems of a 
sound card come in three types: 

* audio digitizer - a pair of analog-to-digital and digital-to-analog converters 

* waveform synthesizer - generates a carrier wave for the sound signal 

* mixer - combines the signals from the digitizer and the synthesizer and possibly another audio 
source (for CD-ROM) 

The most significant component specifications to analyze are sample size and sample rate. The 
sample size indicates the number of bits of digitized sound the card can support (usually 8-, 10-, 12-, 
and 16-bit cards). The higher the bits the greater the sample rate. Sample rate normally ranges from 
22-, 44. 1-, or 48-kHz where the 8-bit cards sample at 22-kHz and the 16-bit cards sample at 
44.1 -kHz (only sensitive ears should detect the change in the 44.1- and 48-kHz sample rates). 

5.6 Video Cards 

Video capture cards are used to "capture" images for still frame or full-motion visual 
presentations. [18] They come in a large price range spanning from $250 up to a whopping $5,000. 
Selecting the proper video card requires some general knowledge on cards and some specific 
knowledge on your application. You should know you intended output format, the desired image 
size, the rate of image presentation and the number of colors captured in a particular image. 

5.6.1 Output Format 

The intended output format dictates the input parameters depending on whether you want CD-ROM, 
videotape on-screen presentation, etc. for your final product. If you can match the input and output 
formats by supplying the output format with only essential capture information, you will save system 
resources and get a quality image. The size of an image can range from small window to broadcast 
quality (160x120 pixels to 704x485 pixels by U.S. standards, respectively). This parameter will be 
largely determined by the size of your display monitor. Image presentation rate indicates the 
"shakiness" of an image as it is being reproduced. The rate is measured in frames per second (fps) 
and the smoother the motion becomes, the better. The jerky types of motion occur around 5 fps while 
20 fps gives a more fluid image presentation thought some flickering may still be visually discerned. 
A 30 to 70 fps will remove most of the flicker from the image. 

5.6.2 Capture 

Capture color will determine the realism in a particular scene image. For most realistic color scenes 
the bit size should be around 24 bits per pixel (over 16 million colors). If realism is not of major 
concern, it may be possible to use a simpler 8 bit per pixel image (rendering 256 colors). 

5.63 Additional Information 

Additional information that would be valuable in making a purchasing decision includes card 
configuration, platform, capture rate, hardware and software compression supported input video 
formats, video encoding, S-video support audio capture and throughput and video throughput. 

5.6.4 Platforms 

Most of the capture software is configured to run on either a PC or Mac machine. The machine 
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should be a Intel 80286 or faster machine for PCs and should accept ISA adapter cards. Macintosh 
machines will need a NuBus system which runs QuickTime to support a video capture card. Motion 
capture boards require Video for Windows or QuickTime drivers software. 

5.6.5 Compression 

The issue of compression basically deals with how the pixels are used to represent a captured image. 
The problem that arises is that the video data can take up an enormous amount of space if the pixels 
are represented in their "native" state. For 15 fps on 16 bit per pixel video, the data on a 160x120 
pixel window would consume about 34 MB per minute. To conserve some of this space, hardware, 
proprietary software or operating system extensions are used to compress the captured data. The best 
yet most expensive method is hardware-assisted compression via video boards which run a JPEG 
(Joint Photographic Experts Group) or DVI (Digital Video Interactive) algorithms. Other 
compression methods include MPEG chip technology used by chip-based video boards. Software 
compression is normally a process that requires the data to remain in an uncompressed form before 
being change to a compressed state. Software and hardware that provide fast playback and high 
compression take longer to reach a final compressed state. Fractal-based software compressors have 
the ability to compress video data as a stand alone package though some compressors are bundled 
with existing video software. Capture rate for video data represents the number of images that can be 
output from the input data and varies from 15 fps to 30 fps (60 fps {fields per second}). Video input 
comes in these formats: 

* NTSC - National Television System Committee; refresh rate of 59.94 Hz (fields/sec.) and 29.97 
Hz (frames/sec); horizontal frequency of 15.734 kHz and 262.5 (lines/field) 

* PAL - Phase Alternation Line; U.K. video standard with vertical frequency of 50 Hz and 25 
(frames/sec.) and horizontal frequency of 15.625 kHz with 312.5 (lines/field) 

* SECAM - French acronym for System for Electronic Color with Memory; color video encoding 
system displaying 625 lines at 50 Hz 

* RGB - 3-D Cartesian axis color modeling system where each axis is represented by Red, Green, 
and Blue 

5.7 Storage Devices 

If the kiosk is at all interactive, it will require a storage system of some type. This system would be 
used for keeping records (kiosk transactions), storing a complex presentation, or used as a cache 
when downloading data for the user. 

5.7.1 CD-ROM 

CD-ROM storage devices come from various makers and will soon be standard according to one 
article in New Media magazine, but the key issues in purchasing the right CD-ROM drive for your 
kiosk will be speed and access time, regardless of your application, f 19] Today's drives come in 
double, triple, and quadruple speeds. These speeds correspond to the actual speed of the CD-ROM 
drive in relation to the early "single speed" standard. The double speed drive has data transfer rate of 
no less than 300 KB per second and 200 - 400 ms of access time; quadruple speed drives run a 600 
KB per second data transfer rate. If your kiosk application requires that a wide range of information 
be accessed at once, it would be wise to look into a multiple CD-ROM drive changer with triple or 
quadruple speed. 

In order to measure the performance of a particular drive, it is necessary to look at both the data 
transfer rate, which is the speed at which extended lengths of data can be read off the disc, and 
average access time, which refers to the search time for random bits of information on a disc. The 
faster the transfer rate the smoother the video and audio playback. This is due to fewer frames of 
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video being dropped during playback. 

Cache size can also have a dramatic effect on the speed of your CD-ROM drive. The hardware cache 
can perform one of two roles. First, the cache can at as a read-ahead buffer, accessing the next block 
of information on the disk. Second, the cache can act as a transfer buffer, anticipating the desire of 
the user to reread a recently accessed piece of information. The cache is most efficient when used to 
page through an electronic encyclopedia or database. It maxes out quite quickly when continuous 
data streams are flowing, as in multimedia playback. Additional features that might be attractive are 
audio CD playback capability, line outputs for speaker systems, manual eject button and automatic 
cleaning mechanisms for frequent anticipated use. 

* Seek time - The time it takes to move the head across the platter to a particular track to read or 
write data. The buyer should ask whether this number indicates read-seek time, write-seek time or an 
average of the two write seek time is the slowest latency the time it takes for a drive to vertically 
position the head over the track to begin data transmission. 

* Access time - the sum of the average seek time and the average latency Rotation speed the speed 
of the drive is measured in rotations per minute. Most general purpose drives operate at about 5400 
revolutions per minute. 

5.7.2 Optical Jukebox 

Consider optical juke-boxes for kiosk applications that require storage or enormous amounts of data. 
An optical jukebox is designed to hold 6 GB to 12 TB (terabytes) of data at a time. They come with 
one or several drives (5 1/4", 12" and 14" disk sizes) and range in price from $6,000 to $600,000. 
Juke-boxes come in one of three drive types: WORM, re- writable and multifunction. WORM 
(Write-Once, Read-Many) drives were the first type to come out prior to the advent of the 
mega-storage space available today and can be utilized with ever disk size available. Re-writable 
storage is used in applications that do not require permanent files and utilize the magneto-optical 
erasable technology specifically available for 5 1/4" disks. Multifunction drive units simply combine 
the re-writable (erasable) and permanent disk access into one jukebox. Other important issues in 
selecting an optical jukebox include: 

* For what is storage needed? 

* Cartridge-to-drive ratio. 

The proper cartridge to drive (#disks-to-drive) ratio is extremely important since it is directly related 
to the access time of the machine. High access time translates into poor performance. Average access 
time after swapping for most optical drives is around 1 .5 seconds with a range of .037 to 6.4 seconds 
to swap time — locating the proper disk for reading by a laser operated arm — can also have an 
important effect on performance — locating the proper disk. Average optical drive swap time is 8.26 
seconds with a range of 5 to 32 seconds. According to one San Jose, California Optical Jukebox 
maker, the rule of thumb in selecting a proper ratio is 2 or 3 drives for every 120 disks. This ratio 
should allow 8 separate users to access the network a potential set of kiosks may run on 
simultaneously. 

Understanding the purpose for storage will dictate the type of drive type you seek. For kiosk 
applications that require temporary updates of data that will eventually be archived, a multifunction 
WORM/re-writable drive system is most efficient. If the data being transferred to disk is strictly 
permanent data, clearly WORM is the only option. Dynamic allocation of data to disk is best suited 
for re-writable drives. Keep in mind that the ability to alter or never alter data makes these drives 
options risky since a time may arise when you need to modify the jukebox to increase or decrease its 
storage capacity. 

5.8 Uninterruptible Power Supplies 
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Uninterruptible power supplies (UPS) are used to protect equipment and critical data stored in a 
kiosk. [20] A UPS supplies static/surge protection and power for several minutes when power is 
knocked out. This allows the computer and equipment to be powered down in an elegant manner. 
During this time automated credit card readers can eject credit cards currently being billed. It allows 
the kiosk to finish current transactions and close open files before shutting down. 

UPSs are selected by determining the type of protection required, the equipment being protected, and 
the amount of protection time needed. Calculate the voltage amps requirement for each piece of 
equipment by multiplying the voltage by the current needed. Add the voltage amps required by each 
piece of equipment to determine the needed UPS capacity needed. Select a UPS with a capacity 
higher than required calculated. 

A quick check list to find the right UPS for your kiosk follows: 

1. Find out which equipment will need protection: 

a. modems 

b. CD-ROMs 

c. monitors 

d. terminals 

e. external hard drives 

f. other devices 

2. Find out the voltage amps (VA) for each device: 

a. Multiply the voltage and amp requirements on the back of each device to determine the VA for the 
device. 

b. For devices with no voltage or amp specs, convert the watts to VA by multiplying the wattage by 
1.4. 

c. Add up the VA requirements for all components. 

3. Pick a UPS 

a. With a VA capacity at least as large as the setup requires 

b. With a capacity higher than is currently need for future component upgrades. 

6.0 SOFTWARE 

Every peripheral and every different medium used in a kiosk system has to be handled by software. 
Even within a given platform, or within a given combination of platforms, the range of programs 
available can be confusing. Once the desired functions of the kiosk system have been chosen, 
selecting the accompanying software can be made less baffling by comparing against some common 
parameters and capabilities. 

6.1 Point of Sale (POS) 

Payment processing is a very important part of transactional kiosk. Point of Sale software provides 
integrated credit authorization and electronic draft capture. Communications with the credit network 
handled by the software over a modem. Printing of the complete charge data is handled 
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automatically. Some POS software handles automatic settlement of daily charges. 
6.1.1 Manufacturers 

* AccuSell, 405 W. Washington St, Suite 465, San Diego, CA 92103, phone (619) 528-2900. 

* datacap systems, inc. I212A Progress Drive, Montgomeryville, PA 18936, phone (215) 699-7075, 
fax (215) 699-6779. 

6.2 Graphics and Animation 

The 3-D graphics and animation software of today combines fundamental 2-D drawing program 
software techniques with intuitive new tools. Most every 3-D package will require an understanding 
of the fundamentals of drawing in 3-D space to make an intelligent purchasing choice: 

* model building 

* surface attribution 

* animation of model (movement) 

* light detail 

* rendering of final product 

6.2.1 Model Building 

Initial shape models can be built from user drawings or from mathematical formulas. 

6.2.2 Surface Attribution 

Shading the surface of a 3-D object gives the illusion of an actual thing in real world space. The 
proper shading on a cube could render a TV, wastebasket, or meat locker. The mapping techniques 
make this possible briefly discussed below make shading possible: 

* texture - adding animation or a piece of 2-D artwork to a 3-D model wrapping the artwork around 
the surface of the 3-D object; 

* spherical - textural mapping onto spherical objects; 

* cylindrical - textural mapping onto cylindrical objects; 

* cubic - textural mapping onto cubic objects; 

* bump - adds dimension to a model without building it via the surface 

* reflection - mimics the appearance of shiny surfaces by simulating reflectivity; 

* environmental - allows objects in the environment to be reflected on other objects in the 
environment (e.g., an office reflected onto a shiny desktop); 

* procedural - allows textural attributes to be created rather than imported to an object (e.g., 
determining the number of markings in a floor tile); 

6.2.3 Animation of Model 

To understand 3-D animation, it is necessary to understand the principles associated with timelines. 
The desired effects are created by placing cameras, objects and lights at key positions on the screen 
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over time. The software purchased will handle the in-between motion. To achieve more advanced 
life-like movements, your software should be able to implement one or all of the following: 

* hierarchical motion - used to link armatures of objects together in order to restrict movement to a 
confined space; 

* physics - The physical system is evolved into a system of partial differential equations. The 
solution to the equations is used to derive animation. 

* behavioral - making an object move according to the known physical properties of that object 

6.2.4 Light Detail 

The quality of lighting is essential in choosing the proper software. Run-of-the-mill scenes are 
separated from professional quality 3-D scenes by good lighting. Several light sources can be 
incorporated into any 3-D software: 

* ambient - non-specific; overall lighting level that lightens or darkens a scene dictating warmth or 
coolness. 

* spots - light source able to illuminate an object within a restricted angular cone area. 

* advanced - allows control over the time of day or month, and fog simulating the diffusing effect of 
distance on light. 

6.2.5 Rendering 

Essentially, rendering is the process of properly combining all of the actions used to create a scene in 
order to output the final picture to the screen. 

6.2.6 Making the right choice 

Other issues in choosing the right 3-D package include user experience, the quality and productivity 
level required by your project. [21] Decisions must be made as to whether you are choosing your 
software to create a multimedia (disk-based presentation), video or film project design. 3-D 
programs come in a variety of complexities for every range of 3-D graphics skill. For print, video 
and film, the 3-D package purchased must have high-level (increased complexity in use and 
learning) programming capabilities while disk-based multimedia applications are more suited for 
low-level (simple use and learning) programming attributes. 

The fundamentals described above come in most of the various programs available. Some 3-D 
graphics packages also have a modeler that offers basic extrude and revolve functions. The most 
notable features of a modeler include: 

* automatic type extrusion; 

* capability to shape one form with another (e.g., punching a sphere through a cube); 

* putting a "skin" over multiple shapes to create one shape. 

* in "organic" modelers, the ability to control spline curves makes forming irregular and abstract 
shapes easy. 

Software availability varies from system to system. According to NewMedia magazine, the 
Macintosh has the largest number of available 3-D software on the market. Unfortunately, most of 
the software is not integrated (able to design the model and assign surface attributes, animation and 
rendering from one programming package)— modelers are a primary example. PC multimedia 
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applications are most popular with 3D Studio and Digital Arts software by Autodesk. Both graphics 
packages are fully integrated, but the things that make them special vary. Digital Arts has two 
interesting features. First, it allows batch processing for multiple files for automatic rendering. 
Second, its animation files are actually simple text files written in ASCII. This is advantageous 
because it simplifies troubleshooting. 3D Studio contains an editing module that allows edits 
between finished animations, permitting segments of animation to be essentially cut, pasted or 
repositioned in different sequences as well as introduced into video switcher-type transitions; its 
rendering is rapid and it provides automatic drivers for animation controllers use in video. 

The software evaluated in the magazine was supported by a variety of platforms including 
NEXTStep, DOS, Mac, SGI, Amiga, Symbolics, Windows, DEC, IBM RISC/6000, IBM RICS 
board, and Sun — the majority of which were supported by Mac and Windows. The file formats 
supported by the software varied also with DXF, TIFF and PICT file formats being the most 
common for import and export of file information. Among the modeling capabilities, 
vertex/spline-based, hierarchy, font extrusion and inherit attributes are the most common facilities. 
Boolean and skin fiinctions were found in the more powerful software packages. Most of the 
software studied held well over 20 sample models with perspective and orthographic modeling views 
being the most common. Some packages allowed the perspective and or the graphic views to be 
user-defined. In surface shading and lighting, almost all of the packages contained the capability to 
perform ray tracing, flat shading, Phong shading and hidden-line wireframes. Surface mapping on 
the more complete packages provided the ability to perform texture, bump, reflection, procedural, 
shadow and environment techniques. Lighting on most of the software consisted of parallel, spot and 
radial types with camera and architectural combined on a few others. 

6.3 Video 

See Video Cards, section 5.6. 

6.4 Sound Recording 

See Sound Boards, section 5.5. 

6.5 Authoring 

Authoring software is used for complex multimedia creations bypassing presentation program 
limitations. \22] Scripting languages are incorporated into most of the software for even greater 
flexibility. Authoring software incorporates true interactivity, "-not just button pressing" to 
applications including: 

* interactive kiosks 

* simulations 

* prototypes 

* demo disks 

* guided tours. 

The price range for this software begins around $100 and escalates to a whopping $5000. In New 
Media magazine, the Authoring software falls into one of four categories the article coins as 
metaphors: 

* icon 

* timeline 
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* card 

* script 

Iconic authoring software shows how media elements will work together by building flowcharts and 
diagrams (a technique called event-driven programming). Various packages support importable: 

* text 

* graphics 

* animation 

* full-motion video clips 

* MIDI/digitized sound 

* still frame pictures 

* stereo sound. 

7.0 COMMUNICATIONS 

The two different approaches to network communication are circuit-switched and 
packet-switched. [23 ] Telephone systems use circuit-switched networks by establishing a circuit from 
one computer modem to another via a switching office, trunk lines and a remote switching office. In 
packet-switched networks the traffic on the network is dived into small pieces called packets. These 
packets are multiplexed onto high capacity intermachine connections. 

7.1 Circuit Switched Telephone Connection 

A telephone in a kiosk can be the source of several problems and the solutions to several problems. 
The first problem associated with the telephone is the possibility that someone could use the phone 
for long distance phone calls. This can be solved by using a menu driven call method that limits the 
possible numbers accessible. You can also make user identification and billing method part of the 
sequence of events used to place a phone call. The phone must also be set to run in pulse code mode 
to disallow people accessing phone numbers simply using the proper tones. 

The phone line can also be used by a kiosk modem to provide security, billing, use information, and 
status reports. As the kiosk is being used the computer can collect information which can later be 
used for billing and kiosk use statistics. The computer can use the modem to transmit this 
information to a central location for later processing. The modem can be used to debit customers by 
verifying credit cards and recording transactions. When the kiosk security has been compromised the 
modem can be used to call for assistance. The modem can be used to request assistance when 
supplies are low or an error condition exist. 

7.2 Packet Switched Networks 

Packet-switched networks are not able to guarantee network capacity. The primary reasons for using 
a packet-switched network are cost and performance. The cost is low since multiple machines can 
share a network and fewer interconnections are required. The performance is high due to the 
availability of high speed network hardware. There is a general tradeoff between speed and distance 
for packet-switched networks. 

7.2.1 Local Area Networks (LAN) 

LAN technology provide the highest speed connections for computers. This speed is responsible for 
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the reduced ability to span large distances. The typical speed ranges from 4 Mbps and 2 Gbps. 
7 22 Metropolitan Area Networks (MAN) 

MAN technology span intermediate geographic areas and are able to operate at medium to high 
speeds. There is less delay introduced by MANs than WANs but MANs cannot span the same long 
distances. The typical speed ranges from 56 Kbps to 100 Mbps. 

7.2 J Wide Area Networks (WAN) 

WAN technology spans large geographic areas but operate at slower speeds and have longer 
connection delays. The typical speeds for a WAN range from 9.6 Kbps to 45 Kbps. 

7.2.4 Wireless LANs 

Wireless networks is a networking alternative which is growing in popularity .[24] These networks 
are easy to install and reconfigure. It is an excellent solution for instances where networking 
locations are not permanent. The two main types of wireless LANs are infrared and 
radio-frequency(RF) transmission. Infrared has greater bandwidth, and is immune to interference 
from competing electro-magnetic signals but is line-of-sight only. RF is the clear choice when for 
network transmission that must breach walls and other obstacles. Wireless LANs have a slower 
throughput and work over shorter distances. You run a greater security risk with some types of 
wireless LANs since data is more easily intercepted. 

8.0 SECURITY 

Kiosk systems provide a service. Consequently, kiosk security consists of two main topics: 

* ensuring that the service is provided correctly despite the actions of malicious (or clumsy) agents, 
and 

* ensuring that the deployment of the kiosk system does not make new forms of fraud possible. 

A principle that we have found to be true, unfortunately, is that service-enabling technology all too 
frequently is also fraud-enabling technology. Kiosk systems are no exception. 

Our analysis of kiosk security gives rise to three main themes: 

* Risks exist Kiosk systems permit risks that existed for previous vehicles, only on a much larger 
scale. Kiosk systems also permit new types of risks. 

* Solutions exist. There are economically feasible techniques that can address most of these risks. 

* Multi-level approaches are necessary. Locking a door does not good if the window is unlocked. 
Locking both is necessary, and also putting up a fence is even better. Effective kiosk security 
requires a set of solutions that are coherent and complementary. 

In this chapter, we examine these issues. Section 8.1 enumerates the main threat types facing kiosk 
services. Section 8.2 explores the points of attack in a kiosk system, where these threats can be 
carried out. Section 8.3 catalogs some techniques that can protect these points of attack. Elsewhere 
we provide a lengthy exploration of these issues. \2S) 

8.1 Threat Types 

Kiosk systems, like other electronic service vehicles, face three primary threat types. We examine 
each in turn. 
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8.1.1 Disclosure of Information 

Many kiosk systems involve private information. Some require the client to enter private information 
— such as a PIN or a password — as part of user authentication. Others require private information — 
such as a Social Security Number, an income level, or a set of disease symptoms — as part of the 
provided service. Kiosk services may also provide private information - such as a benefits level or a 
diagnosis - as part of the service. 

All information that has the expectation of privacy needs to be protected. This protection may be 
required by law (e.g., the Privacy Act), and also by practical reasons: private information can be a 
valuable target for thieves. 

Disclosure of information is an area that can demonstrate the second main aspect of kiosk insecurity: 
enabling frauds not while performing correct service. For example, a perpetrator can monitor a 
commerce kiosk in order to assemble a long list of names, credit card numbers, and expiration dates. 
This list can then be used to enable other frauds -- although the original kiosk services proceed 
unhindered. 

We note that private information can also consist of things beyond the actual data being moved 
around in a kiosk session. The simple fact that certain users are requesting certain services can be 
valuable to perpetrators. Security scientists are fond of citing the example of a recent U. S. military 
action that was no surprise to Washington's pizza shops, since the number of late-night pizzas 
ordered by Pentagon staff had skyrocketed. 

8.1.2 Violation of Integrity 

The concept of integrity has two aspects: 

* uncorrupted wholeness, and 

* operating in a trustworthy, correct fashion. 

Kiosk systems are vulnerable to violations of integrity on both these levels. 

Kiosks store and provide data, and have internal programs and operating software. They may be 
connected over networks to remote computers, which also store data and software. The integrity of 
all this information can be compromised by a determined hacker. 

Another aspect of integrity is the correctness of the service provided. The designer of a kiosk system 
should ask herself two questions: 

* What implicit assumptions am I making about this service? 

* Can a perpetrator subvert these assumptions for personal benefit? 

For one example, a kiosk system that sells concert tickets may limit each individual to purchasing 
four tickets. A greedy perpetrator may determine a way to impersonate other individuals in order to 
circumvent this limit. For another example, a university system may impose a strict time deadline on 
when a student submits their homework. A student who determines how to make the clock on a 
kiosk run slow can then submit homework late. All of these attacks would constitute violations of 
integrity. 

8.1.3 Denial of Service 

A key property of service delivery system is that it deliver the service. Perpetrators may attack a 
kiosk system simply to have it deny service to legitimate clients. Such attacks could have effects 
ranging from mere annoyances to loss of confidence in the deploying institution to (in extreme 
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cases) lawsuits and fines. 
8.2 Points of Attack 

Compared to traditional service vehicles of telephones and offices, kiosk systems are much more 
exposed. Kiosks are stationed in isolated places, often away from direct human supervision, and can 
be interconnected with physical wire that is also exposed. This exposure results in many points of 
attack that a perpetrator can use. (It is interesting to note, however, that the most powerful point of 
attack - the insider threat ~ arises from the one of the few roles that humans retain in the system.) 

8.2.1 The User Interface 

Perhaps the most obvious point of attack is the user interface: attacks commitable by using the 
normal "front end" that a kiosk provides to clients. A perpetrator may try to masquerade as another 
user in order to obtain information or change records; a perpetrator may also deny service to users by 
bombarding the system with resource-consuming requests. 

A more advanced use of this point of attack would be to exploit a bug or trapdoor in the user 
interface in order to gain access to the kiosk's internal computing environment, and then to carry out 
threats possible from that point of attack (Section 8.2.3). 

8.2.2 The Physical Kiosk 

A significant component of the kiosk is its physical environment: its case, input/output devices, and 
physical arrangement. This environment may also be attacked. A perpetrator may exploit the 
physical arrangement in order to shoulder surf, surreptitiously observe the private data that clients 
enter. (Shoulder-surfing is a significant cause of telephone-card fraud in the U. S.) A perpetrator may 
dumpster-dive: examine the trash near a kiosk for discarded receipts containing information that can 
be used for fraud. A perpetrator may jam the card reader (this was a technique used in the 
Connecticut fake ATM case in order to direct clients away from real ATMs), empty or jam the 
printer, or even steal an entire kiosk. 

As with the user interface, a more advanced use of this point of attack would be to physically 
penetrate the kiosk while leaving it in a functioning state, and then use the resulting access to the 
internal computing environment to carry out threats from that point of attack (Section 8.2.3). 

8.2.3 Kiosk Software 

Another significant component of the kiosk is its internal computing environment. Attacks on this 
level can be particularly devastating. Perpetrators may insert Trojan Horses that gather private 
information. [26] Perpetrators may deactivate security measures to enable other types of frauds; they 
may alter or crash the software, or learn cryptographic keys which make it possible to forge access 
cards. 

If the kiosk is networked to a remote host and the network front end on that host can be subverted, 
then perpetrators can use access to the kiosk software to gain insider access to the host computer, and 
carry out attacks from there (Section 8.2.5.) 

8.2.4 The Network 

Networked kiosk systems carry their own vulnerabilities. A perpetrator may tap into the line and 
eavesdrop on or modify legitimate messages. A perpetrator may insert messages of their own, or 
even sever the line altogether. Fending off these attacks will become even more challenging when 
kiosks move to wireless technology. 

8.2.5 Insiders 
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Insiders - employees of the deploying institution or its contractors - constitute one of the most 
serious threats to a system. Insiders can directly insert Trojan Horses and trapdoors in kiosk and host 
software, can peruse and modify databases, and can damage or delete necessary system components. 

8.2.6 Remote Access 

Host computers often have lines to permit remote access over the Internet or the telephone system. If 
the front end on such a line can be subverted - or if a front end does not even exist - then remote 
lines provide a way for perpetrators from anywhere in the world to obtain insider access, and carry 
out attacks from Section 8.2.5. These attacks are possible even for kiosks that are not networked — if 
the computers on which the kiosk software was developed permitted remote access. 

We caution the deployer of a kiosk system to examine this issue carefully. Our experience in 
vulnerability analysis has too often revealed the existence of dial-in lines — for off-hours emergency 
repair — that even the institution's security officers did not know about. 

8.2.7 Fake Kiosks 

Examinations of kiosk security frequently devote much attention to user authentication: making sure 
the user is who she says she is. However, the converse problem is also important: assuring the user 
that the kiosk is in fact genuine. A well-known example of a successful fake kiosk attack is described 
elsewhere[27]; perpetrators installed a fake ATM — that actually dispensed money -- in a 
Connecticut shopping mall, and used it to gather account numbers and PINs (later used for 
illegitimate withdrawals from real ATMs.) 

Fake kiosks can also result in indirect denial of service attacks, in that clients will be discouraged 
from using real kiosks, and may possibly lose respect for an institution's reliability. 

The increasing intertwining of kiosk services and Internet services - and the consequent easing of 
remote access to legitimate services — will make more likely a new twist: fake kiosks that provide 
legitimate service. For example, suppose an institution deploys a kiosk system that provides many 
services for free. A perpetrator could deploy a fake kiosk that purports to be part of this institution's 
system, and in fact actually provides these services, while also requesting credit card numbers as part 
of authentication. 

8.3 Solutions 

Fortunately, solutions exist for many of these threats. We briefly consider solution techniques 
relevant to the various points of attack; a much more detailed survey can be found elsewhere. [2 8] 

8.3.1 The User Interface 

Probably the most central security threat in many kiosk systems is user authentication. Is the user 
who she says she is? (Will the deploying institution be liable if it provides private information to the 
wrong party?) A large suite of techniques have been developed to address this problem. Informally, 
these techniques reduce to verifying the user's identity on the basis of one of three things: 

* something the user has; 

* something the user knows; or 

* something the user is. 

A common example of the first technique is the personal token: a card which the user carries and 
inserts into the kiosk. These tokens range from primitive OCR cards to highly advanced PCMCIA 
tokens offering powerful computational environments. Effectiveness — and cost -- varies 
tremendously. 
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A common example of the second technique is the password or PIN: a short alphanumeric sequence 
which the user types into the machine. Other knowledge-based techniques might use personal details 
about a client, like their date of birth and employee ID number. 

A common example of the third technique is biometric authentication: special devices on the kiosk 
measure physical properties of the user, and compare these measurements to stored references. 
Physical properties commonly used are fingerprints and hand geometry; advanced iris-scanning 
technology (which the user does not even observe occurring) looks particularly promising. 

Our third security theme stressed the need for multiple levels. User authentication is a demonstration 
of that theme: we caution the designer to use at least two factors in the user authentication scheme. 
We also caution the designer to be aware that good design is necessary -- if the two factors are 
magnetic-stripe card and PIN but the PIN is encoded on the magnetic stripe, then compromising one 
factor (e.g., stealing the card) can still suffice for impersonation. 

A critical implementation issue for most user authentication techniques is enrollment. The clients of 
a system need to go through some registration process, and may need to have special cards issued to 
them. This can be expensive and difficult in some cases, such as a kiosk system intended to provide a 
low-priority service to a huge population. In such instances, it may be feasible to piggyback on 
pre-existing authentication systems. 

Other techniques that can increase the security of the user interface are psychological deterrents 
(warning the would-be perpetrator that fraud will be detected and prosecuted), strict limits on the 
power of kiosks, and anomaly detection on usage patternsY|"29] 

8.3.2 The Physical Kiosk 

A standard suite of privacy measures and secure hardware techniques exist to address this problem. 
Some of these derive from common sense: positioning the CRT so only the client can read it, and 
positioning the keypad so that no bystanders can observe the entering of a PIN. Other techniques are 
more advanced, such as secure cabinet materials and construction. 

8.33 Kiosk Software 

Combating fraudulent access to the kiosk's internal computing environment raises many challenges. 
Basic techniques — such as restricting the power of the kiosk's computer to that strictly necessary for 
the provided service — can be very effective. More advanced techniques employ the use of secure 
coprocessors to provide tamper-proof "envelopes" in which to keep sensitive computation and data 
out of the reach of perpetrators who have succeeded in penetrating that far. [30] 

8.3.4 The Network 

One aspect of network security pertains to the physical network itself. Physical security techniques 
on the wires or fibers themselves certainly help, as does using sound fault-tolerant design practices 
(to make denial of services attacks more difficult). Using private networks may be more expensive 
than using leased lines or the Internet, but often will provide increased security. 

The other main aspect of network security is information security : using sound cryptographic 
protocols to prevent perpetrators from modifying or inserting messages, or replaying old messages 
which were originally legitimate. Standard techniques of public-key cryptography, session keys and 
symmetric-key cryptography, message digests, secure hash functions, nonces, and sequence numbers 
all address these issues. We refer the reader to Chapter 3 in [Hochberg 1995], or any of the standard 
reference works, such as [Schnier 1994]. 

We have focused on the network. The connection between the network and any host computers is 
also an area vulnerable to attack, and for which many techniques (such as firewalls) have been 
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developed. A good survey of these techniques is available. [31] 

83.5 Insiders 

Formality of operations, automatic procedures and automated audit analysis all help here. A good 
discussion of these topics is available. [32] 

83.6 Remote Access 

Sound firewall design as well as strong user authentication and automated analysis techniques help 
address this threat. We also caution the designer to be wary of securing telephone lines by the use of 
dial-back modems: many popular modems can be fooled by a perpetrator calling, and then 
transmitting a dial-tone. 

83.7 Fake Kiosks 

Strong physical security techniques combined with client education can help address this threat. In 
the extreme case, the same strong authentication techniques applied to users can be applied to kiosks, 
although this may require the user having their own computational environment (such as a smart 
card). 

9.0 KIOSK EVALUATION 

To evaluate the kiosk design it must be evaluated by two sets of criteria. It must be evaluated by how 
well it satisfies the requirements of Service Providers who wanted the kiosk built. It must also be 
evaluated by how well it meets the requirements of the Service Users for whom it was designed. 

9.1 Acceptance 

Provider acceptance is evaluated by determining whether or not the delivered kiosk meet the 
requirements of the RFQs. The RFQ's were written to specify a solution to the problem that the kiosk 
was designed to solve. The RFQ's were written after determining the kiosk's requirements, attributes, 
and constraints. The RFQ is the contract between the Service Provider and the kiosk designer. 

The Service Users Acceptance is determined by the effectiveness of the kiosk. The only way to 
determine this is by studying how the users interact with the kiosk. There are several different 
techniques which can be used to evaluate the success of a kiosk. Whenever possible, aspects of 
system operations relevant to user acceptance should also be measured empirically. 

First, we must define a set of evaluation criteria by which the system should be judged. These are the 
following: 

* choice of applications 

* quality of implementation 

* security 

* cost/benefit analysis (business case) 

Second, we must specify methodologies by which one can evaluate the system's performance 
according to the defined criteria. We will suggest the following methodologies: 

* client feedback 

* automatic tracking 

* administrative review 
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If desired, one can use a pilot phase to test a variety of applications, implementations, and security 
measures. It can evaluate their relative performance, and adopt the most favorable ones after 
completing the pilot phase. 

9.2 Choice of applications 

This criterion breaks down into two subcriteria: 

* Exclusion. Are there additional applications that clients would like to see on the kiosks? 

* Inclusion. Has the agency implemented applications that clients do not want to use? These must be 
distinguished from applications that clients do not use because of poor design. 

9.2.1 Quality of implementation 

Several subcriteria apply to the client's perspective. Some of these are general: 

* Overall interface. Is the user interface self-explanatory and easy to use, or is it intimidating or 
confusing? 

* Applications. Are the screens for specific applications easy to use? 

* Turnaround. Does the kiosk react quickly to user input, or do users have to wait too long for new 
screens or printouts? 

* Accessibility. Does the kiosk accommodate a wide range of users, varying in their age, disability, 
and cultural background? An ideal system will provide alternative means of access for clients with 
special needs: a switch that enlarges the font size on the screen display, a variety of authentication 
options for the disabled, a speech recognition option for visually impaired clients, and a multitude of 
languages to choose from. It will also be tolerant of user errors. While field offices will always 
remain available for clients who cannot use kiosks, making the kiosks maximally accessible will 
benefit both the clients and the agency's finances. 

Other subcriteria from the client's perspective pertain to security when it is being used. We believe 
that success on these criteria is vital: a secure system is worthless if its clientele will not use it. 

* Comfort. Does security make the kiosk unpleasant to use? The user authentication procedure 
should not be frightening, humiliating, or intrude on the user's privacy. These factors, respectively, 
may cause problems for retina recognition, fingerprint recognition, and knowledge-based 
authentication based on a set of facts about the user. 

* Convenience. Does security make the kiosk inconvenient to use? If the user authentication 
procedure is slow, this will annoy the client currently at the kiosk as well as others waiting for the 
client to finish. If the authentication system or automated audit analysis system has a high false reject 
rate, this will be very frustrating for bona fide clients who are refused access to the system, or whose 
current sessions are interrupted) when the kiosk mistakenly detects an anomaly. 

* Accessibility. Does security make it hard for certain types of clients to use the system? Depending 
on their age, disability, and cultural background, clients may have difficulty with knowledge-based 
authentication (e.g., remembering a PIN), certain biometrics (e.g., signature, recognition), 
sight-based user interfaces (e.g., a keyboard), and language-specific instructions. Clients unskilled in 
kiosk usage may make many errors, triggering a negative response from the automated audit analysis 
system. 

The implementation should also be evaluated from a management perspective: 
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* Output. Do kiosk sessions result in output that is of use to the kiosk owner? For example, do 
kiosk-based requests for information often need to be re-keyed by hand? 

* Standards. Does the kiosk system meet established standards for information technologies? There 
are several different technologies and techniques that have been considered for use in the 
implementation of the kiosk system. In the case of magnetic stripes and bar codes, well defined 
standards have been adopted by the ISO (International Standards Organization). If the kiosk owner is 
part of the federal government, it is either required to follow standards for security and cryptography 
specified by NISTJ33] or attain a written waiver making them exempt for the regulations. For many 
of the technologies discussed in this report, such as smart cards and biometrics, standards do not yet 
exist but are under development 

* Enabling evaluation. Does the kiosk programming include functions that enable managers to 
evaluate the system? (This includes on-line surveys, self-tracking, etc. — see evaluation 
methodologies below.) 

9.2.2 Security 

* User authentication. Does the security system effectively screen out masqueraders? The 
percentage of false accepts should be kept to some acceptable minimum. This should be lower than 
the false accept rate found in telephone interactions, given the higher potential of electronic fraud. At 
the same time, the false reject rate must be kept low enough not to annoy bona fide clients (see 
convenience above). 

* Auditing. Is the kiosk system's automatic auditing capability effective? Does it provide security 
officers with all the information they need to determine whether the system is secure? Does it 
provide a minimum of superfluous information? Is there an automatic system for analyzing the audit 
data? How useful is it? 

* Response. If the security system detects invalid behavior, does it respond in near real-time, and in 
what manner? The faster and more effective the response, the better. 

9.2.3 Business case 

The kiosk system will be a success from the business perspective if its benefits outweigh its costs. 
Costs include: 

* Start-up. This includes designing, constructing, and installing the kiosks, and enrolling users or 
issuing cards, if required. 

* Operation. This includes hardware and software maintenance, and ongoing labor costs for 
interacting with users on kiosk-related issues (e.g., enrolling new users, replacing lost cards, 
answering questions) 

We stress that an over-emphasis on economy at start-up may increase operational costs and/or reduce 
benefits. Initial expenditures along the following lines are likely to lower later costs: 

* Flexibility. It is worth spending more money to implement a kiosk system that the kiosk owner 
can easily change in the future, rather than one it would need to replace. 

* Durability. As in any major purchase, quality matters. Better-quality hardware and software will 
require less maintenance and replacement. 

Expenditures along the following lines are likely to increase benefits, and thus improve the 
cost-benefit ratio: 

* Speed. The faster the user turnaround, the more satisfied users will be, and the more likely they 
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will be to use kiosks instead of the 800 number or field agents. 

* User interface. Initial costs in careful design and testing of the user interface will pay off in 
satisfied users and usable kiosk output. 

* Security. Initial costs to build in security will minimize expensive fixes down the road and 
maintain user (and Congressional) confidence in the system. 

Benefits from the kiosk system should include the following: 

* Drop/no increase in other services. This is the heart of the benefits side of the business case. The 
main financial motivation for going to kiosks is to reduce costs for other means of service 
delivery(800 number, field offices), or at least to hold down increases in these services in future 
years. If the kiosks merely attract new users (who were not intending to access services otherwise), 
but do not divert established users from existing means of service delivery, it will cost the kiosk 
owner money rather than saving it. 

* Public relations. The kiosk system should appeal to the public and show it that the kiosk owner 
cares about its clients and is in step with modern technology. 

* Decrease in fraud. A truly secure kiosk system could reduce the overall risk of fraud. 

* Increased service delivery. While this benefit is hard to reconcile with the key goal of saving 
money, it is still feasible. If the kiosks attract users who otherwise would have used the 800 number 
or a field office, and if they can additionally accommodate new users, then the system can be said to 
have increased service delivery while lowering costs. 

93 Techniques 

We have just described a set of criteria by which the kiosk system can be judged. How can the one 
determine whether the system meets these criteria? We propose three methodologies below. 
Wherever possible, one should compare the results of these evaluations to results of evaluations of 
other means of service delivery. 

93.1 Client feedback 

We have found [Hix 1993] to be a valuable resource in preparing this section. The kiosk owner 
should get feedback both from clients who use the kiosks and from those who do not: the former to 
learn about system usage, and the latter to find out how the system might be changed to encourage 
wider usage. It should get feedback as the interface is being developed (formative evaluation) as well 
as when the kiosks are fielded (summative evaluation). Feedback can be objective or subjective, 
quantitative or qualitative. Clients can provide feedback in the following ways: 

* Videotaping. This is one of the best ways to learn about kiosk usage. One can get an overall 
impression of whether users enjoy the system, whether they make a lot of errors, and of what type, 
and how system usage differs from what is expected. A posted or on-line notice should let users 
know that they are being videotaped. 

* Concurrent verbal protocol talking. A client is asked to talk out loud while using the kiosk, 
describing "what they are trying to do, or why they are having a problem, what they expected to 
happen that did not, what they wished had happened, and so on."f34] 

* On-line feedback. Screen design can include a comment button that allows a user to give feedback 
at any time. Additionally, or alternatively, the kiosk could prompt the user to complete an on-line 
survey after finishing all transactions. The survey can ask general questions about user satisfaction as 
well as specific questions about different aspects of the system: speed, intrusiveness of user 
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authentication system, etc. It can also ask users whether they have used the kiosk instead of the 800 
phone service or a field office. 

There are several possible formats for on-line feedback, whether collected via comment buttons or a 
post-transaction survey. Users may enter feedback orally, or by typing. They may provide feedback 
in a fixed format, e.g., rating the system overall from 1 to 5, or in free text Fixed-format input is 
easier to analyze, though free-form input may be more in-depth. 

A problem with on-line feedback is that only users who choose to do so will provide feedback. Any 
statistician will testify that such a self-selecting group of respondents will produce a biased result: 
typically, individuals who are dissatisfied with the system will be disproportionately represented. 
The kiosk owner can lessen this problem, at least with regards to an on-line survey, by encouraging 
more users to complete the survey. The survey should be short; the kiosk may present it to all users 
without first asking if they want to complete it. At the extreme, the kiosk could require a user to 
complete the survey before returning his or her card, if one is used. 

* Personal interviews. One can interview both users and non-users to learn their reactions to the 
system. One should also provide a process for capturing informal feedback from clients. The field 
office representatives in the offices which provide kiosks will undoubtedly be the recipients of 
comments, both positive and negative, on the kiosk system. 

* Focus groups. The kiosk owner can conduct "focus group" sessions like those used by marketers 
and advertisers to evaluate new products and advertising campaigns. In such a session, a group of 
users, hopefully stratified by age, socioeconomic class, disability, etc. would discuss the kiosk 
system with employees for an hour or two. 

93.2 Automatic tracking 

The kiosk programming should include a tracking system that keeps quantitative records of system 
performance. At a minimum, this system should record how many clients use the kiosk, and each 
specific service on the kiosk, each day. Adding more detail, the system could record the amount of 
time each user spends at the kiosk. More detailed timing data can yield the time spent on each kiosk 
sub-function: introductory screens, user authentication, navigational screens, and screens for specific 
kiosk services. This information on frequency and speed of transactions and services can help 
managers estimate the cost of each transaction and the success of the user interface. 

Other extensions of automatic tracking are possible. The system could record the frequency of errors 
such as unstopped input (e.g., a nine-digit Social Security number) or incorrect use of a touch screen 
(e.g., users' pressing inactive areas of the screen). Tracking could also serve as a trigger for more 
detailed analysis. For example, it could operate in conjunction with a videotaping system that 
continuously loops unless triggered to save. If a user spent an unusually long interval of time on a 
particular screen, this could trigger the system to save the videotape segment corresponding to that 
interval, as well as a few minutes before and after the interval, for context. 

9.33 Manager feedback 

System managers and security officers will be an important part of the kiosk evaluation. System 
managers will determine whether the implementation meets government standards, enables 
evaluation, and is accessible to a satisfactory range of clients. During the pilot they can determine 
whether kiosk output is of satisfactory quality. They can determine whether the kiosks present a 
good business case. This evaluation must take into account such factors as the speed of transactions, 
the cost of operating the system (including answering questions, replacing lost cards, etc.), and the 
relationship between phone service and kiosk service. 

Security officers will determine whether the user authentication system is sufficiently rigorous, and 
whether false reject rates are within reasonable limits. They will also play a key role in evaluating 


http://www.kiosks.org/kiosk_paper.html 


3/2/99 


kiosk_paper.html at www.kiosks.org 


Page 37 of 39 


any automated audit analysis system that is built into the kiosks. Security officers should be tasked to 
review all suspicious incidents reported by the audit analysis system. If most of these turn out to be 
non-fraudulent, and in fact not worth investigating, it is likely that the reporting criteria in the system 
should be tightened. At the same time, security officers should review kiosk frauds not detected by 
the audit analysis system (though detected by other means). If this number is large relative to the 
number of detected frauds, then the kiosk owner should consider loosening the reporting criteria 
and/or adding new criteria. 
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11.0 APPENDIX: KIOSK COST 

The following table shows the cost for a kiosk over a 5 year period.[35] Notice that as the number of 
kiosk increase the cost for software, hardware, the enclosure, and the computer decrease. At the same 
time the costs associated with the Service and Support increase. 

Table 3: Kiosk Cost for 5 years 




1 

10 

100 

1000 

Non 

Software 

25,000 

15,000 

2,000 

500 

Reoccurring 

Hardware 

0 

2,000 

2,000 

500 

Expenses [36] 






Reoccurring 

Enclosure 

10,000 

2,000 

1,500 

1,000 

Expenses [37] 

Computer 

5,000 

5,000 

4,500 

4,000 

Service 

Service 

0 

1,000 

2,500 

3,000 

and Support [38] Support 

0 

0 

3,000 

3,000 


Average Cost 

40,000 

25,000 

15,000 

12,000 


per kiosk 


If you purchase 100 kiosks your average monthly cost per kiosk over the 5 year period is: 
$15,000 / 60 months = $250 per month 

If you rent the kiosks from a kiosk vender who is responsible for both service and support it will cost 
approximately twice the average monthly cost for each kiosk: 

2 X $250 = $500 per month 

The value gained by using a kiosk must be greater than $500 per month to be cost effective. 
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